Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Mozilla Products: Multiple vulnerabilities
Informations
Name GLSA-201504-01 First vendor Publication 2015-04-07
Vendor Gentoo Last vendor Modification 2015-04-07
Severity (Vendor) Normal Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.

Background

Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the
‘Mozilla Application Suite’.

Description

Multiple vulnerabilities have been discovered in Firefox, Thunderbird, and SeaMonkey. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impact.

Workaround

There are no known workarounds at this time.

Resolution

All firefox users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-31.5.3"

All firefox-bin users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-bin-31.5.3"

All thunderbird users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-client/thunderbird-31.5.0"

All thunderbird-bin users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-31.5.0"

All seamonkey users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.33.1"

All seamonkey-bin users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/seamonkey-bin-2.33.1"

All nspr users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/nspr-4.10.6"

References

[ 1 ] CVE-2013-1741 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1741
[ 2 ] CVE-2013-2566 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2566
[ 3 ] CVE-2013-5590 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5590
[ 4 ] CVE-2013-5591 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5591
[ 5 ] CVE-2013-5592 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5592
[ 6 ] CVE-2013-5593 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5593
[ 7 ] CVE-2013-5595 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5595
[ 8 ] CVE-2013-5596 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5596
[ 9 ] CVE-2013-5597 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5597
[ 10 ] CVE-2013-5598 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5598
[ 11 ] CVE-2013-5599 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5599
[ 12 ] CVE-2013-5600 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5600
[ 13 ] CVE-2013-5601 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5601
[ 14 ] CVE-2013-5602 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5602
[ 15 ] CVE-2013-5603 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5603
[ 16 ] CVE-2013-5604 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5604
[ 17 ] CVE-2013-5605 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5605
[ 18 ] CVE-2013-5606 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5606
[ 19 ] CVE-2013-5607 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5607
[ 20 ] CVE-2013-5609 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5609
[ 21 ] CVE-2013-5610 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5610
[ 22 ] CVE-2013-5612 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5612
[ 23 ] CVE-2013-5613 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5613
[ 24 ] CVE-2013-5614 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5614
[ 25 ] CVE-2013-5615 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5615
[ 26 ] CVE-2013-5616 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5616
[ 27 ] CVE-2013-5618 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5618
[ 28 ] CVE-2013-5619 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5619
[ 29 ] CVE-2013-6671 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6671
[ 30 ] CVE-2013-6672 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6672
[ 31 ] CVE-2013-6673 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6673
[ 32 ] CVE-2014-1477 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1477
[ 33 ] CVE-2014-1478 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1478
[ 34 ] CVE-2014-1479 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1479
[ 35 ] CVE-2014-1480 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1480
[ 36 ] CVE-2014-1481 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1481
[ 37 ] CVE-2014-1482 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1482
[ 38 ] CVE-2014-1483 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1483
[ 39 ] CVE-2014-1485 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1485
[ 40 ] CVE-2014-1486 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1486
[ 41 ] CVE-2014-1487 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1487
[ 42 ] CVE-2014-1488 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1488
[ 43 ] CVE-2014-1489 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1489
[ 44 ] CVE-2014-1490 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1490
[ 45 ] CVE-2014-1491 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1491
[ 46 ] CVE-2014-1492 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1492
[ 47 ] CVE-2014-1493 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1493
[ 48 ] CVE-2014-1494 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1494
[ 49 ] CVE-2014-1496 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1496
[ 50 ] CVE-2014-1497 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1497
[ 51 ] CVE-2014-1498 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1498
[ 52 ] CVE-2014-1499 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1499
[ 53 ] CVE-2014-1500 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1500
[ 54 ] CVE-2014-1502 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1502
[ 55 ] CVE-2014-1505 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1505
[ 56 ] CVE-2014-1508 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1508
[ 57 ] CVE-2014-1509 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1509
[ 58 ] CVE-2014-1510 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1510
[ 59 ] CVE-2014-1511 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1511
[ 60 ] CVE-2014-1512 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1512
[ 61 ] CVE-2014-1513 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1513
[ 62 ] CVE-2014-1514 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1514
[ 63 ] CVE-2014-1518 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1518
[ 64 ] CVE-2014-1519 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1519
[ 65 ] CVE-2014-1520 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1520
[ 66 ] CVE-2014-1522 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1522
[ 67 ] CVE-2014-1523 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1523
[ 68 ] CVE-2014-1524 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1524
[ 69 ] CVE-2014-1525 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1525
[ 70 ] CVE-2014-1526 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1526
[ 71 ] CVE-2014-1529 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1529
[ 72 ] CVE-2014-1530 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1530
[ 73 ] CVE-2014-1531 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1531
[ 74 ] CVE-2014-1532 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1532
[ 75 ] CVE-2014-1533 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1533
[ 76 ] CVE-2014-1534 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1534
[ 77 ] CVE-2014-1536 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1536
[ 78 ] CVE-2014-1537 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1537
[ 79 ] CVE-2014-1538 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1538
[ 80 ] CVE-2014-1539 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1539
[ 81 ] CVE-2014-1540 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1540
[ 82 ] CVE-2014-1541 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1541
[ 83 ] CVE-2014-1542 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1542
[ 84 ] CVE-2014-1543 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1543
[ 85 ] CVE-2014-1544 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1544
[ 86 ] CVE-2014-1545 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1545
[ 87 ] CVE-2014-1547 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1547
[ 88 ] CVE-2014-1548 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1548
[ 89 ] CVE-2014-1549 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1549
[ 90 ] CVE-2014-1550 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1550
[ 91 ] CVE-2014-1551 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1551
[ 92 ] CVE-2014-1552 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1552
[ 93 ] CVE-2014-1553 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1553
[ 94 ] CVE-2014-1554 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1554
[ 95 ] CVE-2014-1555 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1555
[ 96 ] CVE-2014-1556 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1556
[ 97 ] CVE-2014-1557 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1557
[ 98 ] CVE-2014-1558 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1558
[ 99 ] CVE-2014-1559 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1559
[ 100 ] CVE-2014-1560 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1560
[ 101 ] CVE-2014-1561 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1561
[ 102 ] CVE-2014-1562 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1562
[ 103 ] CVE-2014-1563 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1563
[ 104 ] CVE-2014-1564 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1564
[ 105 ] CVE-2014-1565 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1565
[ 106 ] CVE-2014-1566 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1566
[ 107 ] CVE-2014-1567 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1567
[ 108 ] CVE-2014-1568 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1568
[ 109 ] CVE-2014-1574 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1574
[ 110 ] CVE-2014-1575 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1575
[ 111 ] CVE-2014-1576 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1576
[ 112 ] CVE-2014-1577 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1577
[ 113 ] CVE-2014-1578 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1578
[ 114 ] CVE-2014-1580 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1580
[ 115 ] CVE-2014-1581 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1581
[ 116 ] CVE-2014-1582 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1582
[ 117 ] CVE-2014-1583 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1583
[ 118 ] CVE-2014-1584 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1584
[ 119 ] CVE-2014-1585 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1585
[ 120 ] CVE-2014-1586 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1586
[ 121 ] CVE-2014-1587 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1587
[ 122 ] CVE-2014-1588 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1588
[ 123 ] CVE-2014-1589 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1589
[ 124 ] CVE-2014-1590 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1590
[ 125 ] CVE-2014-1591 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1591
[ 126 ] CVE-2014-1592 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1592
[ 127 ] CVE-2014-1593 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1593
[ 128 ] CVE-2014-1594 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1594
[ 129 ] CVE-2014-5369 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5369
[ 130 ] CVE-2014-8631 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8631
[ 131 ] CVE-2014-8632 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8632
[ 132 ] CVE-2014-8634 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8634
[ 133 ] CVE-2014-8635 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8635
[ 134 ] CVE-2014-8636 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8636
[ 135 ] CVE-2014-8637 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8637
[ 136 ] CVE-2014-8638 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8638
[ 137 ] CVE-2014-8639 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8639
[ 138 ] CVE-2014-8640 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8640
[ 139 ] CVE-2014-8641 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8641
[ 140 ] CVE-2014-8642 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8642
[ 141 ] CVE-2015-0817 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0817
[ 142 ] CVE-2015-0818 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0818
[ 143 ] CVE-2015-0819 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0819
[ 144 ] CVE-2015-0820 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0820
[ 145 ] CVE-2015-0821 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0821
[ 146 ] CVE-2015-0822 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0822
[ 147 ] CVE-2015-0823 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0823
[ 148 ] CVE-2015-0824 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0824
[ 149 ] CVE-2015-0825 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0825
[ 150 ] CVE-2015-0826 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0826
[ 151 ] CVE-2015-0827 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0827
[ 152 ] CVE-2015-0828 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0828
[ 153 ] CVE-2015-0829 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0829
[ 154 ] CVE-2015-0830 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0830
[ 155 ] CVE-2015-0831 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0831
[ 156 ] CVE-2015-0832 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0832
[ 157 ] CVE-2015-0833 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0833
[ 158 ] CVE-2015-0834 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0834
[ 159 ] CVE-2015-0835 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0835
[ 160 ] CVE-2015-0836 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0836
[ 161 ] VE-2014-1504

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201504-01

Original Source

Url : http://security.gentoo.org/glsa/glsa-201504-01.xml

CWE : Common Weakness Enumeration

% Id Name
20 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
11 % CWE-264 Permissions, Privileges, and Access Controls
9 % CWE-416 Use After Free
7 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
7 % CWE-310 Cryptographic Issues
7 % CWE-20 Improper Input Validation
6 % CWE-200 Information Exposure
5 % CWE-269 Improper Privilege Management
4 % CWE-284 Access Control (Authorization) Issues
4 % CWE-94 Failure to Control Generation of Code ('Code Injection')
3 % CWE-125 Out-of-bounds Read
2 % CWE-362 Race Condition
2 % CWE-346 Origin Validation Error
2 % CWE-189 Numeric Errors (CWE/SANS Top 25)
2 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)
2 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
1 % CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
1 % CWE-399 Resource Management Errors
1 % CWE-352 Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25)
1 % CWE-347 Improper Verification of Cryptographic Signature
1 % CWE-326 Inadequate Encryption Strength
1 % CWE-254 Security Features
1 % CWE-199 Information Management Errors
1 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)
1 % CWE-19 Data Handling
1 % CWE-17 Code

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18495
 
Oval ID: oval:org.mitre.oval:def:18495
Title: Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API.
Description: Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5601
Version: 16
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18694
 
Oval ID: oval:org.mitre.oval:def:18694
Title: The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.
Description: The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5595
Version: 16
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18735
 
Oval ID: oval:org.mitre.oval:def:18735
Title: USN-2010-1 -- thunderbird vulnerabilities
Description: Several security issues were fixed in Thunderbird.
Family: unix Class: patch
Reference(s): USN-2010-1
CVE-2013-1739
CVE-2013-5590
CVE-2013-5591
CVE-2013-5593
CVE-2013-5604
CVE-2013-5595
CVE-2013-5596
CVE-2013-5597
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5603
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 13.04
Ubuntu 12.10
Ubuntu 12.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19001
 
Oval ID: oval:org.mitre.oval:def:19001
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5590
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19015
 
Oval ID: oval:org.mitre.oval:def:19015
Title: Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5591
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19066
 
Oval ID: oval:org.mitre.oval:def:19066
Title: The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.
Description: The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5596
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19091
 
Oval ID: oval:org.mitre.oval:def:19091
Title: The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.
Description: The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5604
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19103
 
Oval ID: oval:org.mitre.oval:def:19103
Title: USN-2009-1 -- firefox vulnerabilities
Description: Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family: unix Class: patch
Reference(s): USN-2009-1
CVE-2013-1739
CVE-2013-5590
CVE-2013-5591
CVE-2013-5592
CVE-2013-5593
CVE-2013-5604
CVE-2013-5595
CVE-2013-5596
CVE-2013-5597
CVE-2013-5598
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5603
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 13.04
Ubuntu 12.10
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19133
 
Oval ID: oval:org.mitre.oval:def:19133
Title: PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.
Description: PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5598
Version: 8
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19140
 
Oval ID: oval:org.mitre.oval:def:19140
Title: DSA-2800-1 nss - buffer overflow
Description: Andrew Tinits reported a potentially exploitable buffer overflow in the Mozilla Network Security Service library (nss). With a specially crafted request a remote attacker could cause a denial of service or possibly execute arbitrary code.
Family: unix Class: patch
Reference(s): DSA-2800-1
CVE-2013-5605
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/Linux 7
Debian GNU/kFreeBSD 6.0
Debian GNU/kFreeBSD 7
Product(s): nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19148
 
Oval ID: oval:org.mitre.oval:def:19148
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5592
Version: 8
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19172
 
Oval ID: oval:org.mitre.oval:def:19172
Title: Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.
Description: Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5600
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19263
 
Oval ID: oval:org.mitre.oval:def:19263
Title: The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.
Description: The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5593
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19277
 
Oval ID: oval:org.mitre.oval:def:19277
Title: Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.
Description: Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5597
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19293
 
Oval ID: oval:org.mitre.oval:def:19293
Title: The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.
Description: The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5602
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19302
 
Oval ID: oval:org.mitre.oval:def:19302
Title: Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.
Description: Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5603
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19315
 
Oval ID: oval:org.mitre.oval:def:19315
Title: Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.
Description: Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5599
Version: 15
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
Mozilla Thunderbird ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19393
 
Oval ID: oval:org.mitre.oval:def:19393
Title: CERT_VerifyCert can SECSuccess for bad certificates
Description: The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5606
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19530
 
Oval ID: oval:org.mitre.oval:def:19530
Title: Integer truncation in certificate parsing
Description: Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1741
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19731
 
Oval ID: oval:org.mitre.oval:def:19731
Title: Null Cipher buffer overflow
Description: Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5605
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19770
 
Oval ID: oval:org.mitre.oval:def:19770
Title: USN-2030-1 -- nss vulnerabilities
Description: Several security issues were fixed in NSS.
Family: unix Class: patch
Reference(s): USN-2030-1
CVE-2013-1739
CVE-2013-1741
CVE-2013-5605
CVE-2013-5606
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 13.04
Ubuntu 12.10
Ubuntu 12.04
Ubuntu 10.04
Product(s): nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19778
 
Oval ID: oval:org.mitre.oval:def:19778
Title: Avoid unsigned integer wrapping in PL_ArenaAllocate
Description: Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5607
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19893
 
Oval ID: oval:org.mitre.oval:def:19893
Title: USN-2032-1 -- thunderbird vulnerabilities
Description: Several security issues were fixed in Thunderbird.
Family: unix Class: patch
Reference(s): USN-2032-1
CVE-2013-1741
CVE-2013-2566
CVE-2013-5605
CVE-2013-5607
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 13.04
Ubuntu 12.10
Ubuntu 12.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19915
 
Oval ID: oval:org.mitre.oval:def:19915
Title: RC4 algorithm vulnerability
Description: The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
Family: windows Class: vulnerability
Reference(s): CVE-2013-2566
Version: 11
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Opera Browser
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19952
 
Oval ID: oval:org.mitre.oval:def:19952
Title: DSA-2788-1 iceweasel - several
Description: Multiple security issues have been found in iceweasel, Debian's version of the Mozilla Firefox web browser: multiple memory safety errors, and other implementation errors may lead to the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-2788-1
CVE-2013-5590
CVE-2013-5595
CVE-2013-5597
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5604
Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19958
 
Oval ID: oval:org.mitre.oval:def:19958
Title: USN-2031-1 -- firefox vulnerabilities
Description: Several security issues were fixed in Firefox.
Family: unix Class: patch
Reference(s): USN-2031-1
CVE-2013-1741
CVE-2013-2566
CVE-2013-5605
CVE-2013-5607
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 13.04
Ubuntu 12.10
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20123
 
Oval ID: oval:org.mitre.oval:def:20123
Title: DSA-2797-1 icedove - several
Description: Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, and other implementation errors may lead to the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-2797-1
CVE-2013-5590
CVE-2013-5595
CVE-2013-5597
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5604
Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20292
 
Oval ID: oval:org.mitre.oval:def:20292
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5610
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20606
 
Oval ID: oval:org.mitre.oval:def:20606
Title: RHSA-2013:1829: nss, nspr, and nss-util security update (Important)
Description: Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.
Family: unix Class: patch
Reference(s): RHSA-2013:1829-00
CESA-2013:1829
CVE-2013-1739
CVE-2013-1741
CVE-2013-5605
CVE-2013-5606
CVE-2013-5607
Version: 75
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): nspr
nss
nss-util
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20678
 
Oval ID: oval:org.mitre.oval:def:20678
Title: Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.
Description: Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5616
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20749
 
Oval ID: oval:org.mitre.oval:def:20749
Title: RHSA-2013:1812: firefox security update (Critical)
Description: The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
Family: unix Class: patch
Reference(s): RHSA-2013:1812-01
CESA-2013:1812
CVE-2013-0772
CVE-2013-5609
CVE-2013-5612
CVE-2013-5613
CVE-2013-5614
CVE-2013-5616
CVE-2013-5618
CVE-2013-6671
Version: 117
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20800
 
Oval ID: oval:org.mitre.oval:def:20800
Title: The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.
Description: The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5615
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20848
 
Oval ID: oval:org.mitre.oval:def:20848
Title: RHSA-2013:1480: thunderbird security update (Important)
Description: Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.
Family: unix Class: patch
Reference(s): RHSA-2013:1480-01
CESA-2013:1480
CVE-2013-5599
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20932
 
Oval ID: oval:org.mitre.oval:def:20932
Title: Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
Description: Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5614
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21015
 
Oval ID: oval:org.mitre.oval:def:21015
Title: Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.
Description: Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5613
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21024
 
Oval ID: oval:org.mitre.oval:def:21024
Title: Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.
Description: Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.
Family: windows Class: vulnerability
Reference(s): CVE-2013-6673
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21047
 
Oval ID: oval:org.mitre.oval:def:21047
Title: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.
Description: Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5612
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21069
 
Oval ID: oval:org.mitre.oval:def:21069
Title: DSA-2820-1 nspr - integer overflow
Description: It was discovered that NSPR, Netscape Portable Runtime library, could crash an application using the library when parsing a certificate that causes an integer overflow. This flaw only affects 64-bit systems.
Family: unix Class: patch
Reference(s): DSA-2820-1
CVE-2013-5607
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/Linux 7
Debian GNU/kFreeBSD 6.0
Debian GNU/kFreeBSD 7
Product(s): nspr
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21091
 
Oval ID: oval:org.mitre.oval:def:21091
Title: Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.
Description: Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5619
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21104
 
Oval ID: oval:org.mitre.oval:def:21104
Title: RHSA-2013:1791: nss and nspr security, bug fix, and enhancement update (Important)
Description: Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.
Family: unix Class: patch
Reference(s): RHSA-2013:1791-00
CESA-2013:1791
CVE-2013-1739
CVE-2013-1741
CVE-2013-5605
CVE-2013-5606
CVE-2013-5607
Version: 73
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): nspr
nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21110
 
Oval ID: oval:org.mitre.oval:def:21110
Title: The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
Description: The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
Family: windows Class: vulnerability
Reference(s): CVE-2013-6671
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21122
 
Oval ID: oval:org.mitre.oval:def:21122
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2013-5609
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21167
 
Oval ID: oval:org.mitre.oval:def:21167
Title: RHSA-2013:1476: firefox security update (Critical)
Description: The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.
Family: unix Class: patch
Reference(s): RHSA-2013:1476-00
CESA-2013:1476
CVE-2013-5590
CVE-2013-5595
CVE-2013-5597
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5604
Version: 115
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21283
 
Oval ID: oval:org.mitre.oval:def:21283
Title: RHSA-2013:1823: thunderbird security update (Important)
Description: The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
Family: unix Class: patch
Reference(s): RHSA-2013:1823-01
CESA-2013:1823
CVE-2013-0772
CVE-2013-5609
CVE-2013-5612
CVE-2013-5613
CVE-2013-5614
CVE-2013-5616
CVE-2013-5618
CVE-2013-6671
Version: 117
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21707
 
Oval ID: oval:org.mitre.oval:def:21707
Title: RHSA-2014:0133: thunderbird security update (Important)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): RHSA-2014:0133-00
CESA-2014:0133
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 55
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22218
 
Oval ID: oval:org.mitre.oval:def:22218
Title: USN-2102-1 -- firefox vulnerabilities
Description: Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family: unix Class: patch
Reference(s): USN-2102-1
CVE-2014-1477
CVE-2014-1478
CVE-2014-1479
CVE-2014-1480
CVE-2014-1482
CVE-2014-1483
CVE-2014-1485
CVE-2014-1486
CVE-2014-1487
CVE-2014-1489
CVE-2014-1488
CVE-2014-1490
CVE-2014-1491
CVE-2014-1481
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22452
 
Oval ID: oval:org.mitre.oval:def:22452
Title: USN-2087-1 -- nspr vulnerability
Description: NSPR could be made to crash or run programs if it received a specially crafted certificate.
Family: unix Class: patch
Reference(s): USN-2087-1
CVE-2013-5607
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Ubuntu 10.04
Product(s): nspr
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22486
 
Oval ID: oval:org.mitre.oval:def:22486
Title: DSA-2858-1 iceweasel - several
Description: Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security checks or information disclosure. This update also addresses security issues in the bundled version of the NSS crypto library.
Family: unix Class: patch
Reference(s): DSA-2858-1
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
CVE-2014-1490
CVE-2014-1491
Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22534
 
Oval ID: oval:org.mitre.oval:def:22534
Title: RHSA-2014:0132: firefox security update (Critical)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): RHSA-2014:0132-00
CESA-2014:0132
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 55
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23177
 
Oval ID: oval:org.mitre.oval:def:23177
Title: ELSA-2013:1791: nss and nspr security, bug fix, and enhancement update (Important)
Description: Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.
Family: unix Class: patch
Reference(s): ELSA-2013:1791-00
CVE-2013-1739
CVE-2013-1741
CVE-2013-5605
CVE-2013-5606
CVE-2013-5607
Version: 25
Platform(s): Oracle Linux 5
Product(s): nspr
nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23381
 
Oval ID: oval:org.mitre.oval:def:23381
Title: DEPRECATED: ELSA-2014:0133: thunderbird security update (Important)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): ELSA-2014:0133-00
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 30
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23396
 
Oval ID: oval:org.mitre.oval:def:23396
Title: DEPRECATED: ELSA-2013:1812: firefox security update (Critical)
Description: The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
Family: unix Class: patch
Reference(s): ELSA-2013:1812-01
CVE-2013-0772
CVE-2013-5609
CVE-2013-5612
CVE-2013-5613
CVE-2013-5614
CVE-2013-5616
CVE-2013-5618
CVE-2013-6671
Version: 38
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23434
 
Oval ID: oval:org.mitre.oval:def:23434
Title: DEPRECATED: ELSA-2013:1476: firefox security update (Critical)
Description: The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.
Family: unix Class: patch
Reference(s): ELSA-2013:1476-00
CVE-2013-5590
CVE-2013-5595
CVE-2013-5597
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5604
Version: 38
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23452
 
Oval ID: oval:org.mitre.oval:def:23452
Title: DEPRECATED: ELSA-2014:0132: firefox security update (Critical)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): ELSA-2014:0132-00
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 30
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23516
 
Oval ID: oval:org.mitre.oval:def:23516
Title: DEPRECATED: ELSA-2014:0310: firefox security update (Critical)
Description: vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
Family: unix Class: patch
Reference(s): ELSA-2014:0310-00
CVE-2014-1493
CVE-2014-1497
CVE-2014-1505
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 15
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23527
 
Oval ID: oval:org.mitre.oval:def:23527
Title: DEPRECATED: ELSA-2013:1480: thunderbird security update (Important)
Description: Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.
Family: unix Class: patch
Reference(s): ELSA-2013:1480-01
CVE-2013-5599
Version: 7
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23545
 
Oval ID: oval:org.mitre.oval:def:23545
Title: Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site
Description: Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1489
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23716
 
Oval ID: oval:org.mitre.oval:def:23716
Title: The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart.
Description: The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1504
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23732
 
Oval ID: oval:org.mitre.oval:def:23732
Title: USN-2102-2 -- firefox regression
Description: USN-2102-1 introduced a regression in Firefox.
Family: unix Class: patch
Reference(s): USN-2102-2
CVE-2014-1477
CVE-2014-1478
CVE-2014-1479
CVE-2014-1480
CVE-2014-1482
CVE-2014-1483
CVE-2014-1485
CVE-2014-1486
CVE-2014-1487
CVE-2014-1489
CVE-2014-1488
CVE-2014-1490
CVE-2014-1491
CVE-2014-1481
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23735
 
Oval ID: oval:org.mitre.oval:def:23735
Title: USN-2150-1 -- firefox vulnerabilities
Description: Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family: unix Class: patch
Reference(s): USN-2150-1
CVE-2014-1493
CVE-2014-1494
CVE-2014-1497
CVE-2014-1498
CVE-2014-1499
CVE-2014-1500
CVE-2014-1502
CVE-2014-1504
CVE-2014-1505
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23744
 
Oval ID: oval:org.mitre.oval:def:23744
Title: The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements.
Description: The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1505
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23759
 
Oval ID: oval:org.mitre.oval:def:23759
Title: The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1487
Version: 9
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23766
 
Oval ID: oval:org.mitre.oval:def:23766
Title: ELSA-2014:0132: firefox security update (Critical)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): ELSA-2014:0132-00
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 29
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23821
 
Oval ID: oval:org.mitre.oval:def:23821
Title: RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create
Description: RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1482
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23916
 
Oval ID: oval:org.mitre.oval:def:23916
Title: ELSA-2013:1812: firefox security update (Critical)
Description: The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
Family: unix Class: patch
Reference(s): ELSA-2013:1812-01
CVE-2013-0772
CVE-2013-5609
CVE-2013-5612
CVE-2013-5613
CVE-2013-5614
CVE-2013-5616
CVE-2013-5618
CVE-2013-6671
Version: 37
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23934
 
Oval ID: oval:org.mitre.oval:def:23934
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1477
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23979
 
Oval ID: oval:org.mitre.oval:def:23979
Title: RHSA-2014:0316: thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Thunderbird to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Thunderbird rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1509) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith, Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski, Jüri Aedla, George Hotz, and the security research firm VUPEN as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.4.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.4.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0316-00
CESA-2014:0316
CVE-2014-1493
CVE-2014-1497
CVE-2014-1505
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 27
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23990
 
Oval ID: oval:org.mitre.oval:def:23990
Title: The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site
Description: The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1480
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23996
 
Oval ID: oval:org.mitre.oval:def:23996
Title: Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24 does not properly restrict public values in Diffie-Hellman key exchanges
Description: Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1491
Version: 12
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24002
 
Oval ID: oval:org.mitre.oval:def:24002
Title: Buffer overflow when using non-XBL object as XBL
Description: The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1524
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24009
 
Oval ID: oval:org.mitre.oval:def:24009
Title: Memory safety bugs fixed in Firefox ESR 24.5 and Firefox 29.0
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1518
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24017
 
Oval ID: oval:org.mitre.oval:def:24017
Title: The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.
Description: The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1510
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24030
 
Oval ID: oval:org.mitre.oval:def:24030
Title: Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines
Description: Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1481
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24042
 
Oval ID: oval:org.mitre.oval:def:24042
Title: DEPRECATED: ELSA-2014:0448: firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Firefox resolved hosts in certain circumstances. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Firefox decoded JPEG images. Loading a web page containing a specially crafted JPEG image could cause Firefox to crash. (CVE-2014-1523) A flaw was found in the way Firefox handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith, and Jesse Schwartzentrube as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.5.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to this updated package, which contains Firefox version 24.5.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0448-00
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24056
 
Oval ID: oval:org.mitre.oval:def:24056
Title: The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes
Description: The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1479
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24084
 
Oval ID: oval:org.mitre.oval:def:24084
Title: Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions
Description: Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1483
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24094
 
Oval ID: oval:org.mitre.oval:def:24094
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1534
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24097
 
Oval ID: oval:org.mitre.oval:def:24097
Title: USN-2151-1 -- thunderbird vulnerabilities
Description: Several security issues were fixed in Thunderbird.
Family: unix Class: patch
Reference(s): USN-2151-1
CVE-2014-1493
CVE-2014-1497
CVE-2014-1505
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24103
 
Oval ID: oval:org.mitre.oval:def:24103
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1478
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24118
 
Oval ID: oval:org.mitre.oval:def:24118
Title: ELSA-2013:1476: firefox security update (Critical)
Description: The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.
Family: unix Class: patch
Reference(s): ELSA-2013:1476-00
CVE-2013-5590
CVE-2013-5595
CVE-2013-5597
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5604
Version: 37
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24139
 
Oval ID: oval:org.mitre.oval:def:24139
Title: ELSA-2013:1480: thunderbird security update (Important)
Description: Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.
Family: unix Class: patch
Reference(s): ELSA-2013:1480-01
CVE-2013-5599
Version: 6
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24144
 
Oval ID: oval:org.mitre.oval:def:24144
Title: The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.
Description: The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1502
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24156
 
Oval ID: oval:org.mitre.oval:def:24156
Title: ELSA-2014:0133: thunderbird security update (Important)
Description: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
Family: unix Class: patch
Reference(s): ELSA-2014:0133-00
CVE-2014-1477
CVE-2014-1479
CVE-2014-1481
CVE-2014-1482
CVE-2014-1486
CVE-2014-1487
Version: 29
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24164
 
Oval ID: oval:org.mitre.oval:def:24164
Title: The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions
Description: The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1485
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24175
 
Oval ID: oval:org.mitre.oval:def:24175
Title: DEPRECATED: ELSA-2014:0449: thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Thunderbird decoded JPEG images. Loading an email or a web page containing a specially crafted JPEG image could cause Thunderbird to crash. (CVE-2014-1523) A flaw was found in the way Thunderbird handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith and Jesse Schwartzentrube as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.5.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.5.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0449-00
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24183
 
Oval ID: oval:org.mitre.oval:def:24183
Title: ELSA-2013:1829: nss, nspr, and nss-util security update (Important)
Description: Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.
Family: unix Class: patch
Reference(s): ELSA-2013:1829-00
CVE-2013-1739
CVE-2013-1741
CVE-2013-5605
CVE-2013-5606
CVE-2013-5607
Version: 25
Platform(s): Oracle Linux 6
Product(s): nspr
nss
nss-util
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24194
 
Oval ID: oval:org.mitre.oval:def:24194
Title: Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket
Description: Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1490
Version: 12
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24205
 
Oval ID: oval:org.mitre.oval:def:24205
Title: Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data
Description: Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1486
Version: 8
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24208
 
Oval ID: oval:org.mitre.oval:def:24208
Title: Use-after-free in the Text Track Manager for HTML video
Description: The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1525
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24209
 
Oval ID: oval:org.mitre.oval:def:24209
Title: The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages
Description: The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1488
Version: 9
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24225
 
Oval ID: oval:org.mitre.oval:def:24225
Title: DSA-2881-1 iceweasel - security update
Description: Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure, denial of service.
Family: unix Class: patch
Reference(s): DSA-2881-1
CVE-2014-1493
CVE-2014-1497
CVE-2014-1505
CVE-2014-1508
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24262
 
Oval ID: oval:org.mitre.oval:def:24262
Title: RHSA-2014:0741: firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Abhishek Arya, and Nils as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.6.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.6.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0741-00
CESA-2014:0741
CVE-2014-1533
CVE-2014-1538
CVE-2014-1541
Version: 4
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
CentOS Linux 5
CentOS Linux 6
CentOS Linux 7
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24267
 
Oval ID: oval:org.mitre.oval:def:24267
Title: Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Description: Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1538
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24286
 
Oval ID: oval:org.mitre.oval:def:24286
Title: Privilege escalation through Web Notification API
Description: The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1529
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24293
 
Oval ID: oval:org.mitre.oval:def:24293
Title: RHSA-2014:0310: firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Firefox processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Firefox to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Firefox rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1509) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith, Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski, Jüri Aedla, George Hotz, and the security research firm VUPEN as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.4.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.4.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0310-00
CESA-2014:0310
CVE-2014-1493
CVE-2014-1497
CVE-2014-1505
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 27
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24300
 
Oval ID: oval:org.mitre.oval:def:24300
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1533
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24343
 
Oval ID: oval:org.mitre.oval:def:24343
Title: DEPRECATED: ELSA-2014:0316: thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Thunderbird to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Thunderbird rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1509) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith, Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski, Jüri Aedla, George Hotz, and the security research firm VUPEN as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.4.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.4.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0316-00
CVE-2014-1493
CVE-2014-1497
CVE-2014-1505
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 15
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24349
 
Oval ID: oval:org.mitre.oval:def:24349
Title: ELSA-2014:0448: firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Firefox resolved hosts in certain circumstances. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Firefox decoded JPEG images. Loading a web page containing a specially crafted JPEG image could cause Firefox to crash. (CVE-2014-1523) A flaw was found in the way Firefox handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith, and Jesse Schwartzentrube as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.5.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to this updated package, which contains Firefox version 24.5.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0448-00
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24352
 
Oval ID: oval:org.mitre.oval:def:24352
Title: Use-after-free in nsHostResolver
Description: Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1532
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24370
 
Oval ID: oval:org.mitre.oval:def:24370
Title: Privilege escalation through Mozilla Maintenance Service Installer
Description: maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1520
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24418
 
Oval ID: oval:org.mitre.oval:def:24418
Title: ELSA-2014:0316: thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Thunderbird to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Thunderbird rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1509) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith, Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski, Jüri Aedla, George Hotz, and the security research firm VUPEN as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.4.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.4.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0316-00
CVE-2014-1493
CVE-2014-1497
CVE-2014-1505
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 14
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24419
 
Oval ID: oval:org.mitre.oval:def:24419
Title: DEPRECATED: Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.
Description: Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1539
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24428
 
Oval ID: oval:org.mitre.oval:def:24428
Title: Web Audio memory corruption issues
Description: The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1522
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24447
 
Oval ID: oval:org.mitre.oval:def:24447
Title: Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
Description: Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1511
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24453
 
Oval ID: oval:org.mitre.oval:def:24453
Title: Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.
Description: Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1543
Version: 10
Platform(s): Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24458
 
Oval ID: oval:org.mitre.oval:def:24458
Title: ELSA-2014:0310: firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Firefox processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Firefox to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Firefox rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1509) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith, Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski, Jüri Aedla, George Hotz, and the security research firm VUPEN as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.4.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.4.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0310-00
CVE-2014-1493
CVE-2014-1497
CVE-2014-1505
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 14
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24477
 
Oval ID: oval:org.mitre.oval:def:24477
Title: Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.
Description: Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1500
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24484
 
Oval ID: oval:org.mitre.oval:def:24484
Title: USN-2159-1 -- nss vulnerability
Description: NSS could be made to expose sensitive information over the network.
Family: unix Class: patch
Reference(s): USN-2159-1
CVE-2014-1492
Version: 5
Platform(s): Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Ubuntu 10.04
Product(s): nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24490
 
Oval ID: oval:org.mitre.oval:def:24490
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1494
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24497
 
Oval ID: oval:org.mitre.oval:def:24497
Title: Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.
Description: Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1499
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24500
 
Oval ID: oval:org.mitre.oval:def:24500
Title: The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.
Description: The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1497
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24507
 
Oval ID: oval:org.mitre.oval:def:24507
Title: Use-after-free in imgLoader while resizing images
Description: Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1531
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24512
 
Oval ID: oval:org.mitre.oval:def:24512
Title: Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.
Description: Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1512
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24519
 
Oval ID: oval:org.mitre.oval:def:24519
Title: The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
Description: The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1508
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24534
 
Oval ID: oval:org.mitre.oval:def:24534
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1493
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24541
 
Oval ID: oval:org.mitre.oval:def:24541
Title: Incorrect IDNA domain name matching for wildcard certificates
Description: The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1492
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24549
 
Oval ID: oval:org.mitre.oval:def:24549
Title: Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.
Description: Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1509
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24553
 
Oval ID: oval:org.mitre.oval:def:24553
Title: Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.
Description: Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1555
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24570
 
Oval ID: oval:org.mitre.oval:def:24570
Title: Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.
Description: Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1496
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24571
 
Oval ID: oval:org.mitre.oval:def:24571
Title: TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.
Description: TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1513
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24581
 
Oval ID: oval:org.mitre.oval:def:24581
Title: USN-2189-1 -- thunderbird vulnerabilities
Description: Several security issues were fixed in Thunderbird.
Family: unix Class: patch
Reference(s): USN-2189-1
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
Version: 4
Platform(s): Ubuntu 14.04
Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24617
 
Oval ID: oval:org.mitre.oval:def:24617
Title: The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.
Description: The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1498
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24625
 
Oval ID: oval:org.mitre.oval:def:24625
Title: vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
Description: vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1514
Version: 9
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24667
 
Oval ID: oval:org.mitre.oval:def:24667
Title: Debugger can bypass XrayWrappers with JavaScript
Description: The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1526
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24670
 
Oval ID: oval:org.mitre.oval:def:24670
Title: RHSA-2014:0742: thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Abhishek Arya, and Nils as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.6.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.6.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0742-00
CESA-2014:0742
CVE-2014-1533
CVE-2014-1538
CVE-2014-1541
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24697
 
Oval ID: oval:org.mitre.oval:def:24697
Title: Out of bounds read while decoding JPG images
Description: Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1523
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24708
 
Oval ID: oval:org.mitre.oval:def:24708
Title: ELSA-2014:0449: thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Thunderbird decoded JPEG images. Loading an email or a web page containing a specially crafted JPEG image could cause Thunderbird to crash. (CVE-2014-1523) A flaw was found in the way Thunderbird handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith and Jesse Schwartzentrube as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.5.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.5.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0449-00
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24710
 
Oval ID: oval:org.mitre.oval:def:24710
Title: Cross-site scripting (XSS) using history navigations
Description: The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1530
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24716
 
Oval ID: oval:org.mitre.oval:def:24716
Title: Memory safety bugs fixed in Firefox 29.0
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1519
Version: 11
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla SeaMonkey
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24736
 
Oval ID: oval:org.mitre.oval:def:24736
Title: SUSE-SU-2014:0248-1 -- Security update for MozillaFirefox
Description: This updates the Mozilla Firefox browser to the 24.3.0ESR security release. The Mozilla NSS libraries are now on version 3.15.4.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0248-1
CVE-2014-1477
CVE-2014-1479
CVE-2014-1480
CVE-2014-1482
CVE-2014-1483
CVE-2014-1484
CVE-2014-1485
CVE-2014-1486
CVE-2014-1487
CVE-2014-1489
CVE-2014-1488
CVE-2014-1490
CVE-2014-1491
CVE-2014-1481
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24799
 
Oval ID: oval:org.mitre.oval:def:24799
Title: Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization.
Description: Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1561
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24808
 
Oval ID: oval:org.mitre.oval:def:24808
Title: Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
Description: Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1540
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24812
 
Oval ID: oval:org.mitre.oval:def:24812
Title: RHSA-2014:0918: thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, David Keeler, Byron Campen, Jethro Beekman, Patrick Cozzi, and Mozilla community member John as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.7.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.7.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0918-00
CESA-2014:0918
CVE-2014-1547
CVE-2014-1555
CVE-2014-1556
CVE-2014-1557
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24829
 
Oval ID: oval:org.mitre.oval:def:24829
Title: RHSA-2014:0449: thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Thunderbird decoded JPEG images. Loading an email or a web page containing a specially crafted JPEG image could cause Thunderbird to crash. (CVE-2014-1523) A flaw was found in the way Thunderbird handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith and Jesse Schwartzentrube as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.5.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.5.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0449-00
CESA-2014:0449
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24839
 
Oval ID: oval:org.mitre.oval:def:24839
Title: USN-2185-1 -- firefox vulnerabilities
Description: Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family: unix Class: patch
Reference(s): USN-2185-1
CVE-2014-1518
CVE-2014-1519
CVE-2014-1522
CVE-2014-1523
CVE-2014-1524
CVE-2014-1525
CVE-2014-1528
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1492
CVE-2014-1532
CVE-2014-1526
Version: 4
Platform(s): Ubuntu 14.04
Ubuntu 13.10
Ubuntu 12.10
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24841
 
Oval ID: oval:org.mitre.oval:def:24841
Title: Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Description: Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1537
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24845
 
Oval ID: oval:org.mitre.oval:def:24845
Title: RHSA-2014:0448: firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Firefox resolved hosts in certain circumstances. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Firefox decoded JPEG images. Loading a web page containing a specially crafted JPEG image could cause Firefox to crash. (CVE-2014-1523) A flaw was found in the way Firefox handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith, and Jesse Schwartzentrube as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.5.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to this updated package, which contains Firefox version 24.5.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0448-00
CESA-2014:0448
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24858
 
Oval ID: oval:org.mitre.oval:def:24858
Title: SUSE-SU-2014:0418-1 -- Security update for MozillaFirefox
Description: Mozilla Firefox was updated to 24.4.0ESR release, fixing various security issues and bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0418-1
CVE-2014-1493
CVE-2014-1494
CVE-2014-1496
CVE-2014-1497
CVE-2014-1498
CVE-2014-1499
CVE-2014-1500
CVE-2014-1501
CVE-2014-1502
CVE-2014-1504
CVE-2014-1508
CVE-2014-1509
CVE-2014-1505
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24886
 
Oval ID: oval:org.mitre.oval:def:24886
Title: Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
Description: Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1541
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24891
 
Oval ID: oval:org.mitre.oval:def:24891
Title: DSA-2960-1 icedove - security update
Description: Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service.
Family: unix Class: patch
Reference(s): DSA-2960-1
CVE-2014-1533
CVE-2014-1538
CVE-2014-1541
CVE-2014-1545
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24900
 
Oval ID: oval:org.mitre.oval:def:24900
Title: USN-2243-1 -- firefox vulnerabilities
Description: Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family: unix Class: patch
Reference(s): USN-2243-1
CVE-2014-1533
CVE-2014-1534
CVE-2014-1536
CVE-2014-1537
CVE-2014-1538
CVE-2014-1540
CVE-2014-1541
CVE-2014-1542
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 13.10
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24914
 
Oval ID: oval:org.mitre.oval:def:24914
Title: Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
Description: Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1544
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24941
 
Oval ID: oval:org.mitre.oval:def:24941
Title: Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.
Description: Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1542
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24961
 
Oval ID: oval:org.mitre.oval:def:24961
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1547
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24988
 
Oval ID: oval:org.mitre.oval:def:24988
Title: DSA-2962-1 nspr - security update
Description: Abhiskek Arya discovered an out of bounds write in the cvt_t() function of the NetScape Portable Runtime Library which could result in the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-2962-1
CVE-2014-1545
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): nspr
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25000
 
Oval ID: oval:org.mitre.oval:def:25000
Title: The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Description: The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1536
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25002
 
Oval ID: oval:org.mitre.oval:def:25002
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1548
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25005
 
Oval ID: oval:org.mitre.oval:def:25005
Title: ELSA-2014:0741: firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Abhishek Arya, and Nils as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.6.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.6.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0741-00
CVE-2014-1533
CVE-2014-1538
CVE-2014-1541
Version: 4
Platform(s): Red Hat Enterprise Linux 7
Oracle Linux 6
Oracle Linux 5
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25016
 
Oval ID: oval:org.mitre.oval:def:25016
Title: Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.
Description: Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1558
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25027
 
Oval ID: oval:org.mitre.oval:def:25027
Title: Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.
Description: Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1551
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25038
 
Oval ID: oval:org.mitre.oval:def:25038
Title: DSA-2955-1 iceweasel - security update
Description: Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service.
Family: unix Class: patch
Reference(s): DSA-2955-1
CVE-2014-1533
CVE-2014-1538
CVE-2014-1541
CVE-2014-1545
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25041
 
Oval ID: oval:org.mitre.oval:def:25041
Title: The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.
Description: The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1549
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25053
 
Oval ID: oval:org.mitre.oval:def:25053
Title: USN-2265-1 -- nspr vulnerability
Description: NSPR could be made to crash or run programs if it received specially crafted input.
Family: unix Class: patch
Reference(s): USN-2265-1
CVE-2014-1545
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 13.10
Ubuntu 12.04
Ubuntu 10.04
Product(s): nspr
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25064
 
Oval ID: oval:org.mitre.oval:def:25064
Title: USN-2250-1 -- thunderbird vulnerabilities
Description: Several security issues were fixed in Thunderbird.
Family: unix Class: patch
Reference(s): USN-2250-1
CVE-2014-1533
CVE-2014-1538
CVE-2014-1541
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 13.10
Ubuntu 12.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25090
 
Oval ID: oval:org.mitre.oval:def:25090
Title: Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.
Description: Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1560
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25098
 
Oval ID: oval:org.mitre.oval:def:25098
Title: Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.
Description: Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1552
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25116
 
Oval ID: oval:org.mitre.oval:def:25116
Title: RHSA-2014:0917: nss and nspr security, bug fix, and enhancement update (Critical)
Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544) A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. (CVE-2013-1740) A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1490) It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491) An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version of Firefox. (CVE-2014-1545) It was found that the implementation of Internationalizing Domain Names in Applications (IDNA) hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters to be accepted as valid. (CVE-2014-1492) Red Hat would like to thank the Mozilla project for reporting the CVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream acknowledges Tyson Smith and Jesse Schwartzentruber as the original reporters of CVE-2014-1544, Brian Smith as the original reporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original reporters of CVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545. In addition, the nss package has been upgraded to upstream version 3.16.1, and the nspr package has been upgraded to upstream version 4.10.6. These updated packages provide a number of bug fixes and enhancements over the previous versions. (BZ#1112136, BZ#1112135) Users of NSS and NSPR are advised to upgrade to these updated packages, which correct these issues and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0917-00
CESA-2014:0917
CVE-2013-1740
CVE-2014-1490
CVE-2014-1491
CVE-2014-1492
CVE-2014-1544
CVE-2014-1545
Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): nspr
nss
nss-util
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25117
 
Oval ID: oval:org.mitre.oval:def:25117
Title: The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.
Description: The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1557
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25177
 
Oval ID: oval:org.mitre.oval:def:25177
Title: SUSE-SU-2014:0638-1 -- Security update for Mozilla Firefox
Description: This Mozilla Firefox and Mozilla NSS update to 24.5.0esr fixes the following several security and non-security issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to 3.16: * required for Firefox 29 * CVE-2014-1492: In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0638-1
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
CVE-2014-1492
CVE-2014-1520
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25189
 
Oval ID: oval:org.mitre.oval:def:25189
Title: Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.
Description: Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1550
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25198
 
Oval ID: oval:org.mitre.oval:def:25198
Title: ELSA-2014:0742: thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Abhishek Arya, and Nils as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.6.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.6.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014:0742-00
CVE-2014-1533
CVE-2014-1538
CVE-2014-1541
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25227
 
Oval ID: oval:org.mitre.oval:def:25227
Title: SUSE-SU-2014:0638-2 -- Security update for Mozilla Firefox
Description: This MozillaFirefox and mozilla-nss update fixes several security and non-security issues. MozillaFirefox has been updated to version 24.5.0esr which fixes the following issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to version 3.16 * required for Firefox 29 * CVE-2014-1492_ In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0638-2
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
CVE-2014-1492
CVE-2014-1520
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25264
 
Oval ID: oval:org.mitre.oval:def:25264
Title: Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558.
Description: Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1559
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25270
 
Oval ID: oval:org.mitre.oval:def:25270
Title: RHSA-2014:0919: firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, David Keeler, Byron Campen, Jethro Beekman, Patrick Cozzi, and Mozilla community member John as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.7.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.7.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0919-00
CESA-2014:0919
CVE-2014-1547
CVE-2014-1555
CVE-2014-1556
CVE-2014-1557
Version: 3
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
CentOS Linux 7
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25279
 
Oval ID: oval:org.mitre.oval:def:25279
Title: Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.
Description: Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1556
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25335
 
Oval ID: oval:org.mitre.oval:def:25335
Title: RHSA-2014:0916: nss and nspr security update (Critical)
Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544) Red Hat would like to thank the Mozilla project for reporting CVE-2014-1544. Upstream acknowledges Tyson Smith and Jesse Schwartzentruber as the original reporters. Users of NSS and NSPR are advised to upgrade to these updated packages, which correct this issue. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0916-00
CESA-2014:0916
CVE-2014-1544
Version: 3
Platform(s): Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 7
Product(s): nspr
nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25341
 
Oval ID: oval:org.mitre.oval:def:25341
Title: SUSE-SU-2014:0665-2 -- Security update for Mozilla Firefox
Description: This Mozilla Firefox update provides several security and non-security fixes. Mozilla Firefox has been updated to the 24.5.0esr version, which fixes the following issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to version 3.16 * required for Firefox 29 * CVE-2014-1492_ In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0665-2
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
CVE-2014-1492
Version: 5
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25349
 
Oval ID: oval:org.mitre.oval:def:25349
Title: SUSE-SU-2014:0727-1 -- Security update for Mozilla Firefox
Description: This Mozilla Firefox update provides several security and non-security fixes. MozillaFirefox has been updated to 24.5.0esr, which fixes the following issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to 3.16 * required for Firefox 29 * CVE-2014-1492_ In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0727-1
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
CVE-2014-1492
Version: 5
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25354
 
Oval ID: oval:org.mitre.oval:def:25354
Title: SUSE-SU-2013:1919-1 -- Security update for Mozilla Firefox
Description: MozillaFirefox has been updated to the 24.2.0 ESR security release.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1919-1
CVE-2013-5611
CVE-2013-5609
CVE-2013-5610
CVE-2013-5612
CVE-2013-5614
CVE-2013-5616
CVE-2013-5619
CVE-2013-6671
CVE-2013-6673
CVE-2013-5613
CVE-2013-5615
CVE-2013-6672
CVE-2013-5618
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25411
 
Oval ID: oval:org.mitre.oval:def:25411
Title: SUSE-SU-2014:0824-3 -- Security update for MozillaFirefox
Description: MozillaFirefox was updated to version 24.6.0 to fix six security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0824-3
CVE-2014-1533
CVE-2014-1534
CVE-2014-1536
CVE-2014-1537
CVE-2014-1538
CVE-2014-1541
CVE-2014-1545
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25463
 
Oval ID: oval:org.mitre.oval:def:25463
Title: SUSE-SU-2014:0248-2 -- Security update for Mozilla Firefox
Description: Mozilla Firefox was updated to the 24.3.0ESR security release.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0248-2
CVE-2014-1477
CVE-2014-1479
CVE-2014-1480
CVE-2014-1482
CVE-2014-1483
CVE-2014-1484
CVE-2014-1485
CVE-2014-1486
CVE-2014-1487
CVE-2014-1489
CVE-2014-1488
CVE-2014-1490
CVE-2014-1491
CVE-2014-1481
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25501
 
Oval ID: oval:org.mitre.oval:def:25501
Title: SUSE-SU-2014:0665-1 -- Security update for Mozilla Firefox
Description: This Mozilla Firefox and Mozilla NSS update fixes several security and non-security issues. Mozilla Firefox has been updated to 24.5.0esr which fixes the following issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to 3.16 * required for Firefox 29 * CVE-2014-1492_ In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0665-1
CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
CVE-2014-1492
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25617
 
Oval ID: oval:org.mitre.oval:def:25617
Title: DSA-2996-1 -- icedove - security update
Description: Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service.
Family: unix Class: patch
Reference(s): DSA-2996-1
CVE-2014-1544
CVE-2014-1547
CVE-2014-1555
CVE-2014-1556
CVE-2014-1557
Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25625
 
Oval ID: oval:org.mitre.oval:def:25625
Title: SUSE-SU-2013:1807-1 -- Security update for mozilla-nspr, mozilla-nss
Description: Mozilla NSPR and NSS were updated to fix various security bugs that could be used to crash the browser or potentially execute code.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1807-1
CVE-2013-5607
CVE-2013-1741
CVE-2013-5605
CVE-2013-5606
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
Product(s): mozilla-nspr
mozilla-nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25706
 
Oval ID: oval:org.mitre.oval:def:25706
Title: USN-2295-1 -- firefox vulnerabilities
Description: Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family: unix Class: patch
Reference(s): USN-2295-1
CVE-2014-1547
CVE-2014-1548
CVE-2014-1549
CVE-2014-1550
CVE-2014-1561
CVE-2014-1555
CVE-2014-1556
CVE-2014-1544
CVE-2014-1557
CVE-2014-1558
CVE-2014-1559
CVE-2014-1560
CVE-2014-1552
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25862
 
Oval ID: oval:org.mitre.oval:def:25862
Title: DSA-2986-1 -- iceweasel - security update
Description: Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service.
Family: unix Class: patch
Reference(s): DSA-2986-1
CVE-2014-1544
CVE-2014-1547
CVE-2014-1555
CVE-2014-1556
CVE-2014-1557
Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25910
 
Oval ID: oval:org.mitre.oval:def:25910
Title: USN-2296-1 -- thunderbird vulnerabilities
Description: Several security issues were fixed in Thunderbird.
Family: unix Class: patch
Reference(s): USN-2296-1
CVE-2014-1547
CVE-2014-1549
CVE-2014-1550
CVE-2014-1555
CVE-2014-1556
CVE-2014-1544
CVE-2014-1557
CVE-2014-1558
CVE-2014-1559
CVE-2014-1560
CVE-2014-1552
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26037
 
Oval ID: oval:org.mitre.oval:def:26037
Title: SUSE-SU-2014:0960-1 -- Security update for Mozilla Firefox
Description: Mozilla Firefox has been updated to the 24.7ESR security release.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0960-1
CVE-2014-1544
CVE-2014-1548
CVE-2014-1549
CVE-2014-1550
CVE-2014-1551
CVE-2014-1552
CVE-2014-1555
CVE-2014-1556
CVE-2014-1557
CVE-2014-1558
CVE-2014-1559
CVE-2014-1560
CVE-2014-1561
CVE-2014-1547
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26119
 
Oval ID: oval:org.mitre.oval:def:26119
Title: ELSA-2014-1246 -- nss and nspr security, bug fix, and enhancement update (Moderate)
Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. (CVE-2013-1740) A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1490) It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491) An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version of Firefox. (CVE-2014-1545) It was found that the implementation of Internationalizing Domain Names in Applications (IDNA) hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters to be accepted as valid. (CVE-2014-1492) Red Hat would like to thank the Mozilla project for reporting the CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream acknowledges Brian Smith as the original reporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original reporters of CVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545. The nss and nspr packages have been upgraded to upstream version 3.16.1 and 4.10.6 respectively, which provide a number of bug fixes and enhancements over the previous versions. (BZ#1110857, BZ#1110860) This update also fixes the following bugs: * Previously, when the output.log file was not present on the system, the shell in the Network Security Services (NSS) specification handled test failures incorrectly as false positive test results. Consequently, certain utilities, such as "grep", could not handle failures properly. This update improves error detection in the specification file, and "grep" and other utilities now handle missing files or crashes as intended. (BZ#1035281) * Prior to this update, a subordinate Certificate Authority (CA) of the ANSSI agency incorrectly issued an intermediate certificate installed on a network monitoring device. As a consequence, the monitoring device was enabled to act as an MITM (Man in the Middle) proxy performing traffic management of domain names or IP addresses that the certificate holder did not own or control. The trust in the intermediate certificate to issue the certificate for an MITM device has been revoked, and such a device can no longer be used for MITM attacks. (BZ#1042684) * Due to a regression, MD5 certificates were rejected by default because Network Security Services (NSS) did not trust MD5 certificates. With this update, MD5 certificates are supported in Red Hat Enterprise Linux 5. (BZ#11015864) Users of nss and nspr are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Family: unix Class: patch
Reference(s): ELSA-2014-1246
CVE-2013-1740
CVE-2014-1490
CVE-2014-1491
CVE-2014-1492
CVE-2014-1545
Version: 3
Platform(s): Oracle Linux 5
Product(s): nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26137
 
Oval ID: oval:org.mitre.oval:def:26137
Title: SUSE-SU-2014:0824-2 -- Security update for MozillaFirefox
Description: MozillaFirefox was updated to version 24.6.0 to fix six security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0824-2
CVE-2014-1533
CVE-2014-1534
CVE-2014-1536
CVE-2014-1537
CVE-2014-1538
CVE-2014-1541
CVE-2014-1545
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26138
 
Oval ID: oval:org.mitre.oval:def:26138
Title: SUSE-SU-2014:0824-1 -- Security update for MozillaFirefox
Description: MozillaFirefox was updated to version 24.6.0 to fix six security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0824-1
CVE-2014-1533
CVE-2014-1534
CVE-2014-1536
CVE-2014-1537
CVE-2014-1538
CVE-2014-1541
CVE-2014-1545
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 11
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26141
 
Oval ID: oval:org.mitre.oval:def:26141
Title: DSA-2994-1 -- nss - security update
Description: Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library.
Family: unix Class: patch
Reference(s): DSA-2994-1
CVE-2013-1741
CVE-2013-5606
CVE-2014-1491
CVE-2014-1492
Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26152
 
Oval ID: oval:org.mitre.oval:def:26152
Title: SUSE-SU-2014:1120-1 -- Security update for MozillaFirefox
Description: Mozilla Firefox was updated to the 24.8.0ESR release, fixing security issues and bugs. Only some of the published security advisories affect the Mozilla Firefox 24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562) More information is referenced on: https://www.mozilla.org/security/announce/ <https://www.mozilla.org/security/announce/> . Security Issues: * CVE-2014-1567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567> * CVE-2014-1562 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1120-1
CVE-2014-1567
CVE-2014-1562
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26168
 
Oval ID: oval:org.mitre.oval:def:26168
Title: RHSA-2014:1073: nss, nss-util, nss-softokn security, bug fix, and enhancement update (Low)
Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv3, TLS, and other security standards.
Family: unix Class: patch
Reference(s): RHSA-2014:1073-00
CESA-2014:1073
CVE-2014-1492
Version: 3
Platform(s): Red Hat Enterprise Linux 7
CentOS Linux 7
Product(s): nss
nss-softokn
nss-util
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26268
 
Oval ID: oval:org.mitre.oval:def:26268
Title: USN-2343-1 -- nss vulnerability
Description: NSS could be made to crash or run programs as your login if it processed a specially crafted certificate.
Family: unix Class: patch
Reference(s): USN-2343-1
CVE-2014-1544
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Ubuntu 10.04
Product(s): nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26273
 
Oval ID: oval:org.mitre.oval:def:26273
Title: SUSE-SU-2014:1112-2 -- Security update for MozillaFirefox
Description: Mozilla Firefox was updated to the 24.8.0ESR release, fixing security issues and bugs. Only some of the published security advisories affect the Mozilla Firefox 24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562) More information is referenced on: https://www.mozilla.org/security/announce/ <https://www.mozilla.org/security/announce/> . Security Issues: * CVE-2014-1562 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562> * CVE-2014-1567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1112-2
CVE-2014-1567
CVE-2014-1562
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26284
 
Oval ID: oval:org.mitre.oval:def:26284
Title: SUSE-SU-2014:0905-1 -- Security update for Mozilla Firefox
Description: Mozilla Firefox has been updated to 24.6.0 to fix the security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0905-1
CVE-2014-1533
CVE-2014-1534
CVE-2014-1536
CVE-2014-1537
CVE-2014-1538
CVE-2014-1541
CVE-2014-1545
Version: 5
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26436
 
Oval ID: oval:org.mitre.oval:def:26436
Title: SUSE-SU-2014:1220-3 -- Security update for mozilla-nss
Description: Mozilla NSS was updated to version 3.16.5 to fix a RSA certificate forgery issue. MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. The Advanced Threat Research team at Intel Security also independently discovered and reported this issue. Security Issues: * CVE-2014-1568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1220-3
CVE-2014-1568
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
Product(s): mozilla-nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26451
 
Oval ID: oval:org.mitre.oval:def:26451
Title: RHSA-2014:1246: nss and nspr security, bug fix, and enhancement update (Moderate)
Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. (CVE-2013-1740) A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1490) It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491) An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version of Firefox. (CVE-2014-1545) It was found that the implementation of Internationalizing Domain Names in Applications (IDNA) hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters to be accepted as valid. (CVE-2014-1492) Red Hat would like to thank the Mozilla project for reporting the CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream acknowledges Brian Smith as the original reporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original reporters of CVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545. The nss and nspr packages have been upgraded to upstream version 3.16.1 and 4.10.6 respectively, which provide a number of bug fixes and enhancements over the previous versions. (BZ#1110857, BZ#1110860) This update also fixes the following bugs: * Previously, when the output.log file was not present on the system, the shell in the Network Security Services (NSS) specification handled test failures incorrectly as false positive test results. Consequently, certain utilities, such as "grep", could not handle failures properly. This update improves error detection in the specification file, and "grep" and other utilities now handle missing files or crashes as intended. (BZ#1035281) * Prior to this update, a subordinate Certificate Authority (CA) of the ANSSI agency incorrectly issued an intermediate certificate installed on a network monitoring device. As a consequence, the monitoring device was enabled to act as an MITM (Man in the Middle) proxy performing traffic management of domain names or IP addresses that the certificate holder did not own or control. The trust in the intermediate certificate to issue the certificate for an MITM device has been revoked, and such a device can no longer be used for MITM attacks. (BZ#1042684) * Due to a regression, MD5 certificates were rejected by default because Network Security Services (NSS) did not trust MD5 certificates. With this update, MD5 certificates are supported in Red Hat Enterprise Linux 5. (BZ#11015864) Users of nss and nspr are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Family: unix Class: patch
Reference(s): RHSA-2014:1246-00
CVE-2013-1740
CVE-2014-1490
CVE-2014-1491
CVE-2014-1492
CVE-2014-1545
CESA-2014:1246
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26453
 
Oval ID: oval:org.mitre.oval:def:26453
Title: USN-2361-1 -- nss vulnerability
Description: Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
Family: unix Class: patch
Reference(s): USN-2361-1
CVE-2014-1568
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Ubuntu 10.04
Product(s): nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26526
 
Oval ID: oval:org.mitre.oval:def:26526
Title: RHSA-2014:1145: thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client.
Family: unix Class: patch
Reference(s): RHSA-2014:1145-00
CESA-2014:1145
CVE-2014-1562
CVE-2014-1567
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26530
 
Oval ID: oval:org.mitre.oval:def:26530
Title: USN-2329-1 -- firefox vulnerabilities
Description: Firefox could be made to crash or run programs as your login if it opened a malicious website.
Family: unix Class: patch
Reference(s): USN-2329-1
CVE-2014-1553
CVE-2014-1554
CVE-2014-1562
CVE-2014-1563
CVE-2014-1564
CVE-2014-1565
CVE-2014-1567
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26573
 
Oval ID: oval:org.mitre.oval:def:26573
Title: RHSA-2014:1144: firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.
Family: unix Class: patch
Reference(s): RHSA-2014:1144-00
CESA-2014:1144
CVE-2014-1562
CVE-2014-1567
Version: 3
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
CentOS Linux 7
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26574
 
Oval ID: oval:org.mitre.oval:def:26574
Title: DSA-3033-1 nss - security update
Description: Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library) was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack.
Family: unix Class: patch
Reference(s): DSA-3033-1
CVE-2014-1568
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26586
 
Oval ID: oval:org.mitre.oval:def:26586
Title: USN-2360-2 -- thunderbird vulnerabilities
Description: Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
Family: unix Class: patch
Reference(s): USN-2360-2
CVE-2014-1568
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26608
 
Oval ID: oval:org.mitre.oval:def:26608
Title: SUSE-SU-2014:1112-1 -- Security update for MozillaFirefox
Description: Mozilla Firefox was updated to the 24.8.0ESR release, fixing security issues and bugs. Only some of the published security advisories affect the Mozilla Firefox 24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562) More information is referenced on: https://www.mozilla.org/security/announce/ <https://www.mozilla.org/security/announce/> . Security Issues: * CVE-2014-1562 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562> * CVE-2014-1567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1112-1
CVE-2014-1567
CVE-2014-1562
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26637
 
Oval ID: oval:org.mitre.oval:def:26637
Title: DSA-3028-1 icedove - security update
Description: Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service.
Family: unix Class: patch
Reference(s): DSA-3028-1
CVE-2014-1562
CVE-2014-1567
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26643
 
Oval ID: oval:org.mitre.oval:def:26643
Title: DSA-3018-1 iceweasel - security update
Description: Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service.
Family: unix Class: patch
Reference(s): DSA-3018-1
CVE-2014-1562
CVE-2014-1567
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26699
 
Oval ID: oval:org.mitre.oval:def:26699
Title: SUSE-SU-2014:1107-1 -- Security update for MozillaFirefox
Description: Mozilla Firefox was updated to the 24.8.0ESR release, fixing security issues and bugs. Only some of the published security advisories affect the Mozilla Firefox 24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562) More information is referenced on: https://www.mozilla.org/security/announce/ <https://www.mozilla.org/security/announce/> . Security Issues: * CVE-2014-1562 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562> * CVE-2014-1567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1107-1
CVE-2014-1567
CVE-2014-1562
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26703
 
Oval ID: oval:org.mitre.oval:def:26703
Title: RHSA-2014:1047: nss nad nspr bug fix and enhancement update (Moderate)
Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Family: unix Class: patch
Reference(s): RHSA-2014:1047-00
CVE-2013-1740
CVE-2014-1490
CVE-2014-1491
CVE-2014-1492
CVE-2014-1545
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26709
 
Oval ID: oval:org.mitre.oval:def:26709
Title: SUSE-SU-2014:1220-4 -- Security update for mozilla-nss
Description: Mozilla NSS was updated to version 3.16.5 to fix a RSA certificate forgery issue. MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. The Advanced Threat Research team at Intel Security also independently discovered and reported this issue. Security Issues: * CVE-2014-1568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1220-4
CVE-2014-1568
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): mozilla-nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26725
 
Oval ID: oval:org.mitre.oval:def:26725
Title: RHSA-2014:1307: nss security update (Important)
Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. (CVE-2014-1568) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Antoine Delignat-Lavaud and Intel Product Security Incident Response Team as the original reporters. All NSS users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, applications using NSS must be restarted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:1307-00
CESA-2014:1307
CVE-2014-1568
Version: 5
Platform(s): Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 7
CentOS Linux 6
CentOS Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26731
 
Oval ID: oval:org.mitre.oval:def:26731
Title: ELSA-2014-1145 -- thunderbird security update (Important)
Description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1562, CVE-2014-1567) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Jan de Mooij as the original reporter of CVE-2014-1562, and regenrecht as the original reporter of CVE-2014-1567. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.8.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.8.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014-1145
CVE-2014-1562
CVE-2014-1567
Version: 3
Platform(s): Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26747
 
Oval ID: oval:org.mitre.oval:def:26747
Title: DEPRECATED: ELSA-2014-0316 -- thunderbird security update (important)
Description: [24.4.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [24.4.0-1] - Update to 24.4.0
Family: unix Class: patch
Reference(s): ELSA-2014-0316
CVE-2014-1493
CVE-2014-1497
CVE-2014-1505
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26775
 
Oval ID: oval:org.mitre.oval:def:26775
Title: SUSE-SU-2014:1120-2 -- Security update for MozillaFirefox
Description: Mozilla Firefox was updated to the 24.8.0ESR release, fixing security issues and bugs. Only some of the published security advisories affect the Mozilla Firefox 24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562) More information is referenced on: https://www.mozilla.org/security/announce/ <https://www.mozilla.org/security/announce/> . Security Issues: * CVE-2014-1567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567> * CVE-2014-1562 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1120-2
CVE-2014-1567
CVE-2014-1562
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): MozillaFirefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26832
 
Oval ID: oval:org.mitre.oval:def:26832
Title: USN-2360-1 -- firefox vulnerabilities
Description: Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
Family: unix Class: patch
Reference(s): USN-2360-1
CVE-2014-1568
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26841
 
Oval ID: oval:org.mitre.oval:def:26841
Title: USN-2330-1 -- thunderbird vulnerabilities
Description: Several security issues were fixed in Thunderbird.
Family: unix Class: patch
Reference(s): USN-2330-1
CVE-2014-1553
CVE-2014-1562
CVE-2014-1563
CVE-2014-1564
CVE-2014-1565
CVE-2014-1567
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26842
 
Oval ID: oval:org.mitre.oval:def:26842
Title: DSA-3034-1 iceweasel - security update
Description: Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library, embedded in Wheezy's Iceweasel package), was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack.
Family: unix Class: patch
Reference(s): DSA-3034-1
CVE-2014-1568
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26891
 
Oval ID: oval:org.mitre.oval:def:26891
Title: DSA-3037-1 icedove - security update
Description: Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library, embedded in Wheezy's Icedove), was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack.
Family: unix Class: patch
Reference(s): DSA-3037-1
CVE-2014-1568
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26899
 
Oval ID: oval:org.mitre.oval:def:26899
Title: RHSA-2014:1635: firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1574, CVE-2014-1578, CVE-2014-1581, CVE-2014-1576, CVE-2014-1577) A flaw was found in the Alarm API, which allows applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass cross-origin restrictions. (CVE-2014-1583) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Christian Holler, David Bolter, Byron Campen Jon Coppeard, Atte Kettunen, Holger Fuhrmannek, Abhishek Arya, regenrecht, and Boris Zbarsky as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 31.2.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 31.2.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:1635-00
CESA-2014:1635
CVE-2014-1574
CVE-2014-1576
CVE-2014-1577
CVE-2014-1578
CVE-2014-1581
CVE-2014-1583
Version: 3
Platform(s): Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
CentOS Linux 7
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26948
 
Oval ID: oval:org.mitre.oval:def:26948
Title: SUSE-SU-2014:1220-2 -- Security update for mozilla-nss
Description: Mozilla NSS was updated to 3.16.5 to fix a RSA certificate forgery issue. MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. The Advanced Threat Research team at Intel Security also independently discovered and reported this issue. Security Issues: * CVE-2014-1568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1220-2
CVE-2014-1568
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): mozilla-nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26972
 
Oval ID: oval:org.mitre.oval:def:26972
Title: ELSA-2014-1647 -- thunderbird security update
Description: [31.2.0-3.0.1.el6_5] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [31.2.0-3] - Enabled jemalloc on ppc(64) and s390(x) [31.2.0-2] - Update to 31.2.0 [31.1.1-2] - Sync preferences with Firefox [31.1.1-1] - Update to 31.1.1 [31.1.0-1] - Update to 31.1.0 [31.0-1] - Rebase to 31 ESR
Family: unix Class: patch
Reference(s): ELSA-2014-1647
CVE-2014-1574
CVE-2014-1577
CVE-2014-1578
CVE-2014-1581
Version: 4
Platform(s): Oracle Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26973
 
Oval ID: oval:org.mitre.oval:def:26973
Title: USN-2372-1 -- Firefox vulnerabilities
Description: Bobby Holley, Christian Holler, David Bolter, Byron Campen, Jon Coppeard, Carsten Book, Martijn Wargers, Shih-Chiang Chien, Terrence Cole and Jeff Walden discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1574">CVE-2014-1574</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1575">CVE-2014-1575</a>) Atte Kettunen discovered a buffer overflow during CSS manipulation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1576">CVE-2014-1576</a>) Holger Fuhrmannek discovered an out-of-bounds read with Web Audio. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal sensitive information. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1577">CVE-2014-1577</a>) Abhishek Arya discovered an out-of-bounds write when buffering WebM video in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1578">CVE-2014-1578</a>) Michal Zalewski discovered that memory may not be correctly initialized when rendering a malformed GIF in to a canvas in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal sensitive information. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1580">CVE-2014-1580</a>) A use-after-free was discovered during text layout in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1581">CVE-2014-1581</a>) Patrick McManus and David Keeler discovered 2 issues that could result in certificate pinning being bypassed in some circumstances. An attacker with a fraudulent certificate could potentially exploit this conduct a man in the middle attack. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1582">CVE-2014-1582</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1584">CVE-2014-1584</a>) Eric Shepherd and Jan-Ivar Bruaroey discovered issues with video sharing via WebRTC in iframes, where video continues to be shared after being stopped and navigating to a new site doesn&#39;t turn off the camera. An attacker could potentially exploit this to access the camera without the user being aware. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1585">CVE-2014-1585</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1586">CVE-2014-1586</a>) Boris Zbarsky discovered that webapps could use the Alarm API to read the values of cross-origin references. If a user were tricked in to installing a specially crafter webapp, an attacker could potentially exploit this to bypass same-origin restrictions. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1583">CVE-2014-1583</a>)
Family: unix Class: patch
Reference(s): USN-2372-1
CVE-2014-1574
CVE-2014-1575
CVE-2014-1576
CVE-2014-1577
CVE-2014-1578
CVE-2014-1580
CVE-2014-1581
CVE-2014-1582
CVE-2014-1584
CVE-2014-1585
CVE-2014-1586
CVE-2014-1583
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27006
 
Oval ID: oval:org.mitre.oval:def:27006
Title: ELSA-2014-1144 -- firefox security update (Critical)
Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1562, CVE-2014-1567) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Jan de Mooij as the original reporter of CVE-2014-1562, and regenrecht as the original reporter of CVE-2014-1567. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.8.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.8.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014-1144
CVE-2014-1562
CVE-2014-1567
Version: 3
Platform(s): Oracle Linux 6
Oracle Linux 7
Oracle Linux 5
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27025
 
Oval ID: oval:org.mitre.oval:def:27025
Title: SUSE-SU-2014:1220-1 -- Security update for mozilla-nss
Description: Mozilla NSS was updated to version 3.16.5 to fix a RSA certificate forgery issue. MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. The Advanced Threat Research team at Intel Security also independently discovered and reported this issue. Security Issues: * CVE-2014-1568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1220-1
CVE-2014-1568
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): mozilla-nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27048
 
Oval ID: oval:org.mitre.oval:def:27048
Title: USN-2373-1 -- Thunderbird vulnerabilities
Description: Bobby Holley, Christian Holler, David Bolter, Byron Campen and Jon Coppeard discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1574">CVE-2014-1574</a>) Atte Kettunen discovered a buffer overflow during CSS manipulation. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1576">CVE-2014-1576</a>) Holger Fuhrmannek discovered an out-of-bounds read with Web Audio. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to steal sensitive information. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1577">CVE-2014-1577</a>) Abhishek Arya discovered an out-of-bounds write when buffering WebM video in some circumstances. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1578">CVE-2014-1578</a>) A use-after-free was discovered during text layout in some circumstances. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1581">CVE-2014-1581</a>) Eric Shepherd and Jan-Ivar Bruaroey discovered issues with video sharing via WebRTC in iframes, where video continues to be shared after being stopped and navigating to a new site doesn&#39;t turn off the camera. An attacker could potentially exploit this to access the camera without the user being aware. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1585">CVE-2014-1585</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1586">CVE-2014-1586</a>)
Family: unix Class: patch
Reference(s): USN-2373-1
CVE-2014-1574
CVE-2014-1576
CVE-2014-1577
CVE-2014-1578
CVE-2014-1581
CVE-2014-1585
CVE-2014-1586
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27058
 
Oval ID: oval:org.mitre.oval:def:27058
Title: ELSA-2014-1307 -- nss security update (Important)
Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. (CVE-2014-1568) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Antoine Delignat-Lavaud and Intel Product Security Incident Response Team as the original reporters. All NSS users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, applications using NSS must be restarted for this update to take effect.
Family: unix Class: patch
Reference(s): ELSA-2014-1307
CVE-2014-1568
Version: 3
Platform(s): Oracle Linux 7
Oracle Linux 5
Oracle Linux 6
Product(s): nss
Definition Synopsis: